package com.entrust.identityGuard.mobilesc.sdk.btprotocol;

import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAKeyGenParameterSpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class b {
    public static boolean a = true;
    private static final String c = "b";

    /* renamed from: j, reason: collision with root package name */
    private static byte[] f1291j = {1, 0, 1};
    private byte[] DEBUG_AES_KEY_BYTES;
    private byte[] DEBUG_IV_BYTES;
    private boolean m_debugPrintKeys;
    private boolean m_debugStaticSessionKeys;
    private byte[] m_iv;
    private RSAPrivateKey m_privateKey;
    private RSAPublicKey m_publicKey;
    private SecretKeySpec m_secretKeySpec;

    public b(boolean z) throws EntBTSessionException {
        this.m_privateKey = null;
        this.m_publicKey = null;
        this.m_secretKeySpec = null;
        this.m_iv = null;
        this.m_debugPrintKeys = false;
        this.m_debugStaticSessionKeys = false;
        this.DEBUG_AES_KEY_BYTES = e.a("c4 d5 bf 62 56 72 e6 d1 ff a4 07 5b 12 c2 95 21 b1 48 46 10 03 03 83 28 80 83 26 66 09 b2 46 82");
        this.DEBUG_IV_BYTES = e.a("b4 74 7c 62 82 92 4c 3a 0e 74 54 6c 3b 96 57 42");
        if (z) {
            c();
            return;
        }
        if (this.m_privateKey != null) {
            return;
        }
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(new RSAKeyGenParameterSpec(2048, new BigInteger(f1291j)));
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            this.m_publicKey = (RSAPublicKey) generateKeyPair.getPublic();
            this.m_privateKey = (RSAPrivateKey) generateKeyPair.getPrivate();
            if (this.m_debugPrintKeys) {
                String str = c;
                com.entrust.identityGuard.mobilesc.sdk.util.a.c(str, "Creating new KeyPair.");
                byte[] byteArray = this.m_publicKey.getModulus().toByteArray();
                byte[] byteArray2 = this.m_privateKey.getPrivateExponent().toByteArray();
                com.entrust.identityGuard.mobilesc.sdk.util.a.c(str, "Public:  " + e.a(byteArray));
                com.entrust.identityGuard.mobilesc.sdk.util.a.c(str, "Private: " + e.a(byteArray2));
                RSAPublicKey rSAPublicKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(byteArray), RSAKeyGenParameterSpec.F4));
                RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateKeySpec(new BigInteger(byteArray), new BigInteger(byteArray2)));
                com.entrust.identityGuard.mobilesc.sdk.util.a.c(str, "Newly-created KeyPair Reconstituted:");
                byte[] byteArray3 = rSAPublicKey.getModulus().toByteArray();
                byte[] byteArray4 = rSAPrivateKey.getPrivateExponent().toByteArray();
                com.entrust.identityGuard.mobilesc.sdk.util.a.c(str, "Public:  " + e.a(byteArray3));
                com.entrust.identityGuard.mobilesc.sdk.util.a.c(str, "Private: " + e.a(byteArray4));
            }
        } catch (Exception e2) {
            com.entrust.identityGuard.mobilesc.sdk.util.a.a(c, "EntBTSession() exception: " + e2.toString());
            throw new EntBTSessionException("Could not create keypair");
        }
    }

    public b(byte[] bArr) throws EntBTSessionException {
        this.m_privateKey = null;
        this.m_publicKey = null;
        this.m_secretKeySpec = null;
        this.m_iv = null;
        this.m_debugPrintKeys = false;
        this.m_debugStaticSessionKeys = false;
        this.DEBUG_AES_KEY_BYTES = e.a("c4 d5 bf 62 56 72 e6 d1 ff a4 07 5b 12 c2 95 21 b1 48 46 10 03 03 83 28 80 83 26 66 09 b2 46 82");
        this.DEBUG_IV_BYTES = e.a("b4 74 7c 62 82 92 4c 3a 0e 74 54 6c 3b 96 57 42");
        if (this.m_debugPrintKeys) {
            String str = c;
            com.entrust.identityGuard.mobilesc.sdk.util.a.c(str, "Phone: Reusing public key passed into constructor:");
            com.entrust.identityGuard.mobilesc.sdk.util.a.c(str, "Public:  " + e.a(bArr));
        }
        if ((bArr[0] & 128) == 128) {
            byte[] bArr2 = new byte[bArr.length + 1];
            System.arraycopy(bArr, 0, bArr2, 1, bArr.length);
            bArr2[0] = 0;
            bArr = bArr2;
        }
        try {
            this.m_publicKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(bArr), RSAKeyGenParameterSpec.F4));
            c();
            if (this.m_debugPrintKeys) {
                String str2 = c;
                com.entrust.identityGuard.mobilesc.sdk.util.a.c(str2, "Phone: Reusing public key (reconstituted):");
                com.entrust.identityGuard.mobilesc.sdk.util.a.c(str2, "Public:  " + e.a(this.m_publicKey.getModulus().toByteArray()));
            }
        } catch (Exception e2) {
            com.entrust.identityGuard.mobilesc.sdk.util.a.a(c, "EntBTSession() exception: " + e2.toString());
            throw new EntBTSessionException(e2.toString());
        }
    }

    private byte[] a(byte[] bArr, byte[] bArr2, int i2, int i3) {
        byte[] bArr3 = new byte[i3];
        for (int i4 = 0; i4 < i3; i4++) {
            bArr3[i4] = (byte) (bArr[i4] ^ bArr2[i2 + i4]);
        }
        return bArr3;
    }

    private void c() {
        byte[] bArr;
        byte[] bArr2;
        if (this.m_debugStaticSessionKeys) {
            bArr = this.DEBUG_AES_KEY_BYTES;
            bArr2 = this.DEBUG_IV_BYTES;
        } else {
            SecureRandom secureRandom = new SecureRandom();
            byte[] bArr3 = new byte[32];
            byte[] bArr4 = new byte[16];
            secureRandom.nextBytes(bArr3);
            secureRandom.nextBytes(bArr4);
            bArr = bArr3;
            bArr2 = bArr4;
        }
        this.m_secretKeySpec = new SecretKeySpec(bArr, "AES");
        this.m_iv = bArr2;
        if (this.m_debugPrintKeys) {
            String str = c;
            com.entrust.identityGuard.mobilesc.sdk.util.a.c(str, "AES key: " + e.a(bArr));
            com.entrust.identityGuard.mobilesc.sdk.util.a.c(str, "IV:      " + e.a(this.m_iv));
        }
    }

    private void d(byte[] bArr) throws EntBTSessionException {
        if ((bArr[0] & 128) == 128) {
            byte[] bArr2 = new byte[bArr.length + 1];
            System.arraycopy(bArr, 0, bArr2, 1, bArr.length);
            bArr2[0] = 0;
            bArr = bArr2;
        }
        try {
            this.m_publicKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(bArr), new BigInteger(f1291j)));
        } catch (NoSuchAlgorithmException e2) {
            com.entrust.identityGuard.mobilesc.sdk.util.a.a(c, "Unable to import RSA public key: " + e2.getMessage());
            throw new EntBTSessionException(e2.toString());
        } catch (InvalidKeySpecException e3) {
            com.entrust.identityGuard.mobilesc.sdk.util.a.a(c, "Supplied public key bytes were invalid: " + e3.getMessage());
            throw new EntBTSessionException(e3.toString());
        }
    }

    private byte[] d() throws EntBTSessionException {
        try {
            byte[] encoded = this.m_secretKeySpec.getEncoded();
            byte[] bArr = this.m_iv;
            byte[] bArr2 = new byte[bArr.length + encoded.length];
            System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
            System.arraycopy(encoded, 0, bArr2, this.m_iv.length, encoded.length);
            if (this.m_debugPrintKeys) {
                com.entrust.identityGuard.mobilesc.sdk.util.a.c(c, "AES Key + IV: " + e.a(bArr2));
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
            cipher.init(1, this.m_publicKey);
            return cipher.doFinal(bArr2);
        } catch (Exception e2) {
            com.entrust.identityGuard.mobilesc.sdk.util.a.a(c, "encryptSessionKey exception: " + e2.toString());
            throw new EntBTSessionException(e2.toString());
        }
    }

    private void e() {
        for (int i2 = 15; i2 > -1; i2--) {
            byte[] bArr = this.m_iv;
            bArr[i2] = (byte) (bArr[i2] + 1);
            if (bArr[i2] != 0) {
                return;
            }
        }
    }

    private static byte[] e(byte[] bArr) {
        int i2 = 0;
        for (int i3 = 0; i3 < bArr.length && bArr[i3] == 0; i3++) {
            i2++;
        }
        int length = bArr.length - 1;
        for (int length2 = bArr.length - 1; length2 > i2 && bArr[length2] == 0; length2--) {
            length--;
        }
        if (i2 == 0 && length == bArr.length - 1) {
            return bArr;
        }
        int i4 = (length - i2) + 1;
        byte[] bArr2 = new byte[i4];
        System.arraycopy(bArr, i2, bArr2, 0, i4);
        return bArr2;
    }

    public byte[] a() throws EntBTSessionException {
        RSAPublicKey rSAPublicKey = this.m_publicKey;
        if (rSAPublicKey == null) {
            return null;
        }
        return rSAPublicKey.getModulus().toByteArray();
    }

    public byte[] a(byte[] bArr) throws EntBTSessionException {
        return b(bArr);
    }

    public byte[] b() throws EntBTSessionException {
        try {
            RSAPublicKey rSAPublicKey = this.m_publicKey;
            if (rSAPublicKey == null) {
                return new byte[0];
            }
            byte[] bArr = new byte[4];
            System.arraycopy(MessageDigest.getInstance("SHA1").digest(e(rSAPublicKey.getModulus().toByteArray())), 0, bArr, 0, 4);
            return bArr;
        } catch (NoSuchAlgorithmException e2) {
            com.entrust.identityGuard.mobilesc.sdk.util.a.a(c, "Unable to create SHA-1 hash of public key: " + e2.toString());
            this.m_publicKey = null;
            throw new EntBTSessionException(e2.toString());
        }
    }

    public byte[] b(byte[] bArr) throws EntBTSessionException {
        if (bArr == null) {
            return null;
        }
        if (bArr.length == 0) {
            return bArr;
        }
        byte[] bArr2 = new byte[bArr.length];
        int length = bArr.length / 16;
        if (bArr.length % 16 != 0) {
            length++;
        }
        try {
            Cipher cipher = Cipher.getInstance("AES/ECB/NOPADDING");
            cipher.init(1, this.m_secretKeySpec);
            int length2 = bArr.length;
            for (int i2 = 0; i2 < length; i2++) {
                try {
                    int i3 = i2 * 16;
                    byte[] a2 = a(cipher.doFinal(this.m_iv), bArr, i3, length2 < 16 ? length2 : 16);
                    System.arraycopy(a2, 0, bArr2, i3, a2.length);
                    e();
                    length2 -= 16;
                } catch (Exception e2) {
                    com.entrust.identityGuard.mobilesc.sdk.util.a.a(c, "Crypto.encrypt exception: " + e2.toString());
                    throw new EntBTSessionException(e2.getMessage());
                }
            }
            return bArr2;
        } catch (Exception e3) {
            throw new EntBTSessionException(e3.getMessage());
        }
    }

    public byte[] c(byte[] bArr) throws EntBTSessionException {
        byte[] a2 = a();
        if (bArr == null && a2 == null) {
            throw new EntBTSessionException("No public key available");
        }
        if (bArr != null) {
            d(bArr);
        }
        return d();
    }

    public byte[] f(byte[] bArr) throws EntBTSessionException {
        try {
            if (this.m_publicKey == null) {
                return new byte[0];
            }
            byte[] bArr2 = new byte[4];
            System.arraycopy(MessageDigest.getInstance("SHA1").digest(bArr), 0, bArr2, 0, 4);
            return bArr2;
        } catch (NoSuchAlgorithmException e2) {
            com.entrust.identityGuard.mobilesc.sdk.util.a.a(c, "Unable to create SHA-1 hash of public key: " + e2.toString());
            this.m_publicKey = null;
            throw new EntBTSessionException(e2.toString());
        }
    }
}
